Abstract-- We introduce a metric for evaluating the robustness of a classifier, with particular attention to adversarial perturbations, in terms of expected functionality with respect to possible adversarial perturbations. Defining robustness in terms of an expected value is motivated by a domain general approach to robustness quantification. In support of this, it is desirable to have an approach Adversarial ML arises when some aspect of the system is to quantifying robustness that applies generally across intentionally manipulated to cause the classifier to make errors. Adversarial robustness specifically seeks to measure a model's We adopt the perspective that robustness is the ability of an performance when these perturbations are chosen selectively ML system to maintain its functionality at an acceptable level to be maximally disruptive. For example, evasion attacks add of performance when some aspect of the system is subject to human-imperceptible perturbations to a data instance to alter perturbation, consistent with the domain-general definition laid the output of a classifier, as illustrated in Figure 1.

We present a probabilistic generative model for inferring a description of coordinated, recursively structured group activities at multiple levels of temporal granularity based on observations of individuals’ trajectories. The model accommodates: (1) hierarchically structured groups, (2) activities that are temporally and compositionally recursive, (3) component roles assigning different subactivity dynamics to subgroups of participants, and (4) a nonparametric Gaussian Process model of trajectories. We present an MCMC sampling framework for performing joint inference over recursive activity descriptions and assignment of trajectories to groups, integrating out continuous parameters. We demonstrate the model’s expressive power in several simulated and complex real-world scenarios from the VIRAT and UCLA Aerial Event video data sets.